Comments (2)
Hi Balf,
The TwelveMonkeys ImageIO WebP plugin does not use libwebp or other native libraries. Our code is written in Java and not based on libwebp. The CVE describes the issue as a buffer overflow, which is unlikely to happen in Java code.
So to the best of my knowledge, our WebP plugin should not be affected by the vulnerability described in the CVE.
from twelvemonkeys.
Hi Harald! Thanks for confirming!
Kind regards, Balf
from twelvemonkeys.
Related Issues (20)
- Reading a deflate-compressed TIFF leaks native memory HOT 1
- ImageIO.read return null HOT 1
- Add OpenSSF Scorecard Workflow HOT 1
- JPEG encoded TIFF: Metadata components != number of destination bands HOT 7
- java.lang.ArrayIndexOutOfBoundsException: 2 with a JPEG HOT 3
- Read huge jpg file ,get error: javax.imageio.IIOException: Can not read image of the size 54948 by 45620 HOT 2
- It would be nice if the twelvemonkeys jars were OSGi bundles HOT 26
- ClassCastException ImageReadParam BigTIFF reading HOT 2
- jakarta.servlet support HOT 2
- Allow tiff writing to use an explicit photometric interpretation option HOT 7
- Enable a SAST Tool
- Question: compatibility with org.apache.commons:commons-imaging ? HOT 2
- Features stopped working after upgrading to JDK 17 HOT 8
- It would be nice if Twelvemonkeys had support for EXIF tag 0xa436 Title HOT 10
- Problematic inconsistence in JPEG color space detection: TwelveMonkey vs standard Java API HOT 9
- Wrong colors with CMYK JPEG HOT 1
- Webp: cannot decode grayscale images HOT 5
- NPE while read a PSD file HOT 3
- Unable to modify a JPEGImage10Metadata comment value HOT 17
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from twelvemonkeys.